Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Openserver Security Vulnerabilities

cve
cve

CVE-2005-0351

Buffer overflow in (1) termsh, (2) atcronsh, and (3) auditsh in SCO OpenServer 5.0.6 and 5.0.7 might allow local users to execute arbitrary code via a long HOME environment variable.

7.5AI Score

0.0004EPSS

2005-04-09 04:00 AM
25
cve
cve

CVE-2005-0993

Buffer overflow in nwprint in SCO OpenServer 5.0.7 allows local users to execute arbitrary code via a long command line argument.

7.5AI Score

0.0004EPSS

2005-05-02 04:00 AM
23
cve
cve

CVE-2005-2926

Stack-based buffer overflow in (1) backupsh and (2) authsh in SCO Openserver 5.0.7 allows local users to execute arbitrary code via a long HOME environment variable.

7.6AI Score

0.001EPSS

2005-10-25 04:02 PM
25
cve
cve

CVE-2005-3624

The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows.

6.3AI Score

0.013EPSS

2006-01-06 10:00 PM
54
cve
cve

CVE-2005-3625

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (infinite loop) via streams that end prematurely, as demonstrated using the (1) CCITTFaxDecode and (2) DCTDecode streams, aka "Infinite CPU spins."

6.2AI Score

0.006EPSS

2006-01-06 10:00 PM
46
cve
cve

CVE-2005-3626

Xpdf, as used in products such as gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others, allows attackers to cause a denial of service (crash) via a crafted FlateDecode stream that triggers a null dereference.

6.1AI Score

0.005EPSS

2006-01-06 10:00 PM
54
cve
cve

CVE-2006-0072

Buffer overflow in termsh on SCO OpenServer 5.0.7 allows remote attackers to execute arbitrary code via a long -o command line argument. NOTE: this is probably a different vulnerability than CVE-2005-0351 since it involves a distinct attack vector.

7.9AI Score

0.031EPSS

2006-01-04 12:03 AM
30
cve
cve

CVE-2020-25494

Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook.

9.8CVSS

9.8AI Score

0.114EPSS

2020-12-18 03:15 PM
61
In Wild
3
cve
cve

CVE-2020-25495

A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'.

6.1CVSS

6AI Score

0.003EPSS

2020-12-18 03:15 PM
65
3
Total number of security vulnerabilities59